From 6ccd8f3f3d47de7815004b6b2882649bdb30dfb5 Mon Sep 17 00:00:00 2001 From: Daniel Gray Date: Wed, 22 Jan 2020 13:10:10 +0000 Subject: [PATCH 01/12] ProtonVPN has now audited and open source clients. --- _includes/sections/vpn.html | 31 ++++++++++++------------------- 1 file changed, 12 insertions(+), 19 deletions(-) diff --git a/_includes/sections/vpn.html b/_includes/sections/vpn.html index 0fb879ae..79e48ea9 100644 --- a/_includes/sections/vpn.html +++ b/_includes/sections/vpn.html @@ -40,31 +40,15 @@

The Mullvad VPN clients have a built-in killswitch to block internet connections outside of the VPN. They also are able to automatically start on boot. The Mullvad website is also accessible via Tor at xcln5hkbriyklr6n.onion.

- - - - - -

Other Providers Worth Mentioning

- -
-
ProtonVPN

ProtonVPN Free USD $96/year

-

ProtonVPN is a strong contender in the VPN space, and they have been in operation since 2016. ProtonVPN is based in Switzerland and offers a limited free pricing tier, as well as premium options. Unfortunately due to its lack of an independent security audit it does not meet the complete criteria for recommendation, see our notes below.

-
Not Audited
-

ProtonVPN has not undergone a security audit by an independent third party, and therefore cannot be strongly recommended at this time. We have still chosen to list it on this page with the assumption that an audit will be published soon:

-
-

We are currently undergoing a complete security audit of our VPN applications by a reputable Swiss security company. The results of the audit will be summarized in a public report for cases like this.

-
Marc Loebekken, ProtonVPN AG Legal counsel
-
-

We will reevaluate this listing at the end of Q1 2020 or when the aforementioned report has been published, whichever is sooner. +

ProtonVPN is a strong contender in the VPN space, and they have been in operation since 2016. ProtonVPN is based in Switzerland and offers a limited free pricing tier, as well as premium options.

+
Independently Audited
+

As of January 2020 all ProtonVPN apps are now open source and audited.

610+ Servers

ProtonVPN has 610 servers in 44 countries at the time of writing this page. Typically the more servers a provider offers, the better: With hundreds of servers in operation, you are far more likely to find a fast connection and a server geographically closest to you.

Accepts Bitcoin
@@ -75,6 +59,15 @@

The ProtonVPN clients have a built-in killswitch to block internet connections outside of the VPN. They also are able to automatically start on boot. ProtonVPN also offers "Tor" servers allowing you to easily connect to onion sites, but we still strongly recommend using the official Tor Browser for this purpose.

+
+ + + +

Other Providers Worth Mentioning

+ +
From eff54554a694884ae4761d9110aa4a20d3d02893 Mon Sep 17 00:00:00 2001 From: Daniel Gray Date: Thu, 23 Jan 2020 03:01:31 +0000 Subject: [PATCH 02/12] Fix plural stuff --- _includes/sections/vpn.html | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/_includes/sections/vpn.html b/_includes/sections/vpn.html index 79e48ea9..8d1bcc4d 100644 --- a/_includes/sections/vpn.html +++ b/_includes/sections/vpn.html @@ -1,7 +1,7 @@ -

Recommended VPN Service

+

Recommended VPN Services

@@ -65,7 +65,7 @@ Note: Using a VPN provider will not make you anonymous, but it will give you better privacy in certain situations. A VPN is not a tool for illegal activities. Don't rely on a "no log" policy.
-

Other Providers Worth Mentioning

+

Other Provider Worth Mentioning

From 101b28138e7701591da913464fdd87b4cbd4086e Mon Sep 17 00:00:00 2001 From: Daniel Gray Date: Thu, 23 Jan 2020 03:15:03 +0000 Subject: [PATCH 03/12] Link to actual audit. --- _includes/sections/vpn.html | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/_includes/sections/vpn.html b/_includes/sections/vpn.html index 8d1bcc4d..9d9db93b 100644 --- a/_includes/sections/vpn.html +++ b/_includes/sections/vpn.html @@ -24,7 +24,7 @@
WireGuard Support

In addition to standard OpenVPN connections, Mullvad supports WireGuard. WireGuard is an experimental protocol with theoretically better security and higher reliability, although it is not currently recommended for production use.

Independently Audited
-

Mullvad's VPN clients have been audited by Cure53 and Assured AB in a pentest report published at cure53.de. The security researchers concluded:

+

Mullvad's VPN clients have been audited by Cure53 and Assured AB in a pentest report published at cure53.de and . The security researchers concluded:

...Cure53 and Assured AB are happy with the results of the audit and the software leaves an overall positive impression. With security dedication of the in-house team at the Mullvad VPN compound, the testers have no doubts about the project being on the right track from a security standpoint.

@@ -48,7 +48,7 @@

ProtonVPN Free USD $96/year

ProtonVPN is a strong contender in the VPN space, and they have been in operation since 2016. ProtonVPN is based in Switzerland and offers a limited free pricing tier, as well as premium options.

Independently Audited
-

As of January 2020 all ProtonVPN apps are now open source and audited. +

As of January 2020 ProtonVPN has undergone an independent audit by SEC Consult.

610+ Servers

ProtonVPN has 610 servers in 44 countries at the time of writing this page. Typically the more servers a provider offers, the better: With hundreds of servers in operation, you are far more likely to find a fast connection and a server geographically closest to you.

Accepts Bitcoin
From eaf75fa8f6e1bfed50f25c4eefc1b41e33e4bbb1 Mon Sep 17 00:00:00 2001 From: Daniel Gray Date: Thu, 23 Jan 2020 03:29:13 +0000 Subject: [PATCH 04/12] Fix up open source mention make badge --- _includes/sections/vpn.html | 4 ++++ pages/providers/vpn.html | 3 ++- 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/_includes/sections/vpn.html b/_includes/sections/vpn.html index 9d9db93b..44b4112c 100644 --- a/_includes/sections/vpn.html +++ b/_includes/sections/vpn.html @@ -28,6 +28,8 @@

...Cure53 and Assured AB are happy with the results of the audit and the software leaves an overall positive impression. With security dedication of the in-house team at the Mullvad VPN compound, the testers have no doubts about the project being on the right track from a security standpoint.

+
Open source clients
+

Mullvad provides the source code to their clients on Github at mullvad/mullvadvpn-app

IPv6 Support

Mullvad supports the future of networking IPv6. Their network allows users to access services hosted on IPv6 as opposed to other providers who block IPv6 connections.

Remote port forwarding
@@ -49,6 +51,8 @@

ProtonVPN is a strong contender in the VPN space, and they have been in operation since 2016. ProtonVPN is based in Switzerland and offers a limited free pricing tier, as well as premium options.

Independently Audited

As of January 2020 ProtonVPN has undergone an independent audit by SEC Consult. +

Open source clients
+

ProtonVPN provides the source code to their clients on Github.

610+ Servers

ProtonVPN has 610 servers in 44 countries at the time of writing this page. Typically the more servers a provider offers, the better: With hundreds of servers in operation, you are far more likely to find a fast connection and a server geographically closest to you.

Accepts Bitcoin
diff --git a/pages/providers/vpn.html b/pages/providers/vpn.html index d3452744..af9c25a6 100644 --- a/pages/providers/vpn.html +++ b/pages/providers/vpn.html @@ -62,7 +62,8 @@ breadcrumb: "VPN"
  • OpenVPN and WireGuard support.
  • Killswitch with highly configurable options (enable/disable on certain networks, on boot, etc.)
    • -
  • Easy-to-use VPN clients, especially open-source. Even better if the Android version is also available in F-Droid.
    • +
  • Easy-to-use VPN clients
    • +
  • Clients are open source We believe that source code availability provides greater transparency to the user about what their device is actually doing. Ideally we like to see these applications available in F-Droid
  • Supports IPv6. We expect that servers will allow incoming connections via IPv6 and allow users to access services hosted on IPv6 addresses.
  • Capability of remote port forwarding assists in creating connections when using P2P (Peer-to-Peer) filesharing software, Freenet, or hosting a server (e.g., Mumble).
From f015e96855b4354f312726fbb5ad3d2f90f1180b Mon Sep 17 00:00:00 2001 From: Daniel Gray Date: Thu, 23 Jan 2020 03:32:44 +0000 Subject: [PATCH 05/12] Fix missing fullstops. --- _includes/sections/vpn.html | 2 +- pages/providers/vpn.html | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/_includes/sections/vpn.html b/_includes/sections/vpn.html index 44b4112c..201c6a37 100644 --- a/_includes/sections/vpn.html +++ b/_includes/sections/vpn.html @@ -29,7 +29,7 @@

...Cure53 and Assured AB are happy with the results of the audit and the software leaves an overall positive impression. With security dedication of the in-house team at the Mullvad VPN compound, the testers have no doubts about the project being on the right track from a security standpoint.

Open source clients
-

Mullvad provides the source code to their clients on Github at mullvad/mullvadvpn-app

+

Mullvad provides the source code to their clients on Github at mullvad/mullvadvpn-app.

IPv6 Support

Mullvad supports the future of networking IPv6. Their network allows users to access services hosted on IPv6 as opposed to other providers who block IPv6 connections.

Remote port forwarding
diff --git a/pages/providers/vpn.html b/pages/providers/vpn.html index af9c25a6..638fa9b9 100644 --- a/pages/providers/vpn.html +++ b/pages/providers/vpn.html @@ -63,7 +63,7 @@ breadcrumb: "VPN"
  • OpenVPN and WireGuard support.
  • Killswitch with highly configurable options (enable/disable on certain networks, on boot, etc.)
  • Easy-to-use VPN clients
    • -
  • Clients are open source We believe that source code availability provides greater transparency to the user about what their device is actually doing. Ideally we like to see these applications available in F-Droid
    • +
  • Clients are open source. We believe that source code availability provides greater transparency to the user about what their device is actually doing. Ideally we like to see these applications available in F-Droid.
  • Supports IPv6. We expect that servers will allow incoming connections via IPv6 and allow users to access services hosted on IPv6 addresses.
  • Capability of remote port forwarding assists in creating connections when using P2P (Peer-to-Peer) filesharing software, Freenet, or hosting a server (e.g., Mumble).
    • From 4ed0bdae2d7c5c6f66331813d6ba764d231291dd Mon Sep 17 00:00:00 2001 From: Daniel Nathan Gray Date: Thu, 23 Jan 2020 13:44:28 +0000 Subject: [PATCH 06/12] Fix typo Co-Authored-By: Mikaela Suomalainen --- _includes/sections/vpn.html | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/_includes/sections/vpn.html b/_includes/sections/vpn.html index 201c6a37..e9e42003 100644 --- a/_includes/sections/vpn.html +++ b/_includes/sections/vpn.html @@ -24,7 +24,7 @@
    WireGuard Support

    In addition to standard OpenVPN connections, Mullvad supports WireGuard. WireGuard is an experimental protocol with theoretically better security and higher reliability, although it is not currently recommended for production use.

    Independently Audited
    -

    Mullvad's VPN clients have been audited by Cure53 and Assured AB in a pentest report published at cure53.de and . The security researchers concluded:

    +

    Mullvad's VPN clients have been audited by Cure53 and Assured AB in a pentest report published at cure53.de. The security researchers concluded:

    ...Cure53 and Assured AB are happy with the results of the audit and the software leaves an overall positive impression. With security dedication of the in-house team at the Mullvad VPN compound, the testers have no doubts about the project being on the right track from a security standpoint.

    From 61b2b052fe79dbd8f275e5011214dd46c1f8ca82 Mon Sep 17 00:00:00 2001 From: Daniel Nathan Gray Date: Thu, 23 Jan 2020 13:45:32 +0000 Subject: [PATCH 07/12] Clean up link Co-Authored-By: Mikaela Suomalainen --- _includes/sections/vpn.html | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/_includes/sections/vpn.html b/_includes/sections/vpn.html index e9e42003..d395b348 100644 --- a/_includes/sections/vpn.html +++ b/_includes/sections/vpn.html @@ -29,7 +29,7 @@

    ...Cure53 and Assured AB are happy with the results of the audit and the software leaves an overall positive impression. With security dedication of the in-house team at the Mullvad VPN compound, the testers have no doubts about the project being on the right track from a security standpoint.

    Open source clients
    -

    Mullvad provides the source code to their clients on Github at mullvad/mullvadvpn-app.

    +

    Mullvad provides the source code to their clients on Github.

    IPv6 Support

    Mullvad supports the future of networking IPv6. Their network allows users to access services hosted on IPv6 as opposed to other providers who block IPv6 connections.

    Remote port forwarding
    From 449b77c76c01f9e07b4212142923e090d0594258 Mon Sep 17 00:00:00 2001 From: Daniel Nathan Gray Date: Thu, 23 Jan 2020 13:46:34 +0000 Subject: [PATCH 08/12] Link to Tor. Co-Authored-By: Mikaela Suomalainen --- _includes/sections/vpn.html | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/_includes/sections/vpn.html b/_includes/sections/vpn.html index d395b348..61b74eb3 100644 --- a/_includes/sections/vpn.html +++ b/_includes/sections/vpn.html @@ -60,7 +60,7 @@
    Mobile Clients

    In addition to providing standard OpenVPN configuration files, ProtonVPN has mobile clients for iOS or Android allowing for easy connections to their servers.

    Extra Functionality
    -

    The ProtonVPN clients have a built-in killswitch to block internet connections outside of the VPN. They also are able to automatically start on boot. ProtonVPN also offers "Tor" servers allowing you to easily connect to onion sites, but we still strongly recommend using the official Tor Browser for this purpose.

    +

    The ProtonVPN clients have a built-in killswitch to block internet connections outside of the VPN. They also are able to automatically start on boot. ProtonVPN also offers "Tor" servers allowing you to easily connect to onion sites, but we still strongly recommend using the official Tor Browser for this purpose.

    From a19dfe2f431ae7eaee059c9627d6f2aebf89c64b Mon Sep 17 00:00:00 2001 From: Daniel Nathan Gray Date: Sat, 25 Jan 2020 10:20:20 +0000 Subject: [PATCH 09/12] Put number of servers first Co-Authored-By: Jonah Aragon --- _includes/sections/vpn.html | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/_includes/sections/vpn.html b/_includes/sections/vpn.html index 61b74eb3..26fe2080 100644 --- a/_includes/sections/vpn.html +++ b/_includes/sections/vpn.html @@ -48,7 +48,7 @@

    ProtonVPN Free USD $96/year

    -

    ProtonVPN is a strong contender in the VPN space, and they have been in operation since 2016. ProtonVPN is based in Switzerland and offers a limited free pricing tier, as well as premium options.

    +

    ProtonVPN is a strong contender in the VPN space, and they have been in operation since 2016. ProtonVPN is based in Switzerland and offers a limited free pricing tier, as well as premium options. Visit protonvpn.com to create an account.

    Independently Audited

    As of January 2020 ProtonVPN has undergone an independent audit by SEC Consult.

    Open source clients
    From a285ac8ba38b69cb4a52648a504634c8053a0099 Mon Sep 17 00:00:00 2001 From: Daniel Gray Date: Sat, 25 Jan 2020 10:36:06 +0000 Subject: [PATCH 10/12] Fix capitalization of GitHub --- _includes/sections/vpn.html | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/_includes/sections/vpn.html b/_includes/sections/vpn.html index 26fe2080..63f8fce0 100644 --- a/_includes/sections/vpn.html +++ b/_includes/sections/vpn.html @@ -29,7 +29,7 @@

    ...Cure53 and Assured AB are happy with the results of the audit and the software leaves an overall positive impression. With security dedication of the in-house team at the Mullvad VPN compound, the testers have no doubts about the project being on the right track from a security standpoint.

    Open source clients
    -

    Mullvad provides the source code to their clients on Github.

    +

    Mullvad provides the source code to their clients on GitHub.

    IPv6 Support

    Mullvad supports the future of networking IPv6. Their network allows users to access services hosted on IPv6 as opposed to other providers who block IPv6 connections.

    Remote port forwarding
    @@ -52,7 +52,7 @@
    Independently Audited

    As of January 2020 ProtonVPN has undergone an independent audit by SEC Consult.

    Open source clients
    -

    ProtonVPN provides the source code to their clients on Github.

    +

    ProtonVPN provides the source code to their clients on GitHub.

    610+ Servers

    ProtonVPN has 610 servers in 44 countries at the time of writing this page. Typically the more servers a provider offers, the better: With hundreds of servers in operation, you are far more likely to find a fast connection and a server geographically closest to you.

    Accepts Bitcoin
    From f983e3ae55ad66eb6cb1646221a1c1d7392eb1f4 Mon Sep 17 00:00:00 2001 From: Daniel Gray Date: Sat, 25 Jan 2020 18:13:18 +0000 Subject: [PATCH 11/12] Link to blog article, there are 4 separate reports. --- _includes/sections/vpn.html | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/_includes/sections/vpn.html b/_includes/sections/vpn.html index 63f8fce0..a35ab3df 100644 --- a/_includes/sections/vpn.html +++ b/_includes/sections/vpn.html @@ -50,7 +50,7 @@

    ProtonVPN Free USD $96/year

    ProtonVPN is a strong contender in the VPN space, and they have been in operation since 2016. ProtonVPN is based in Switzerland and offers a limited free pricing tier, as well as premium options. Visit protonvpn.com to create an account.

    Independently Audited
    -

    As of January 2020 ProtonVPN has undergone an independent audit by SEC Consult. +

    As of January 2020 ProtonVPN has undergone an independent audit by SEC Consult. See individual reports for each platform.

    Open source clients

    ProtonVPN provides the source code to their clients on GitHub.

    610+ Servers
    From 9d9f0f3dee87cb846707d17c1ced7cee83fc9194 Mon Sep 17 00:00:00 2001 From: Jonah Date: Sat, 25 Jan 2020 16:19:14 -0600 Subject: [PATCH 12/12] Clarifications --- _includes/sections/vpn.html | 20 +++++++++++--------- 1 file changed, 11 insertions(+), 9 deletions(-) diff --git a/_includes/sections/vpn.html b/_includes/sections/vpn.html index a35ab3df..41ceae03 100644 --- a/_includes/sections/vpn.html +++ b/_includes/sections/vpn.html @@ -1,7 +1,7 @@

    Recommended VPN Services

    @@ -18,7 +18,7 @@

    Mullvad EUR €60/Year

    -

    Mullvad is a fast and inexpensive VPN with a serious focus on transparency and security. They have been in operation since 2009. It is the only VPN provider that currently meets our criteria for recommendation. Mullvad is based in Sweden and does not have a free trial. Visit mullvad.net to create an account.

    +

    Mullvad is a fast and inexpensive VPN with a serious focus on transparency and security. They have been in operation since 2009. Mullvad is based in Sweden and does not have a free trial. Visit mullvad.net to create an account.

    406+ Servers

    Mullvad has 409 servers in 39 countries at the time of writing this page. Typically the more servers a provider offers, the better: With hundreds of servers in operation, you are far more likely to find a fast connection and a server geographically closest to you.

    WireGuard Support
    @@ -28,11 +28,11 @@

    ...Cure53 and Assured AB are happy with the results of the audit and the software leaves an overall positive impression. With security dedication of the in-house team at the Mullvad VPN compound, the testers have no doubts about the project being on the right track from a security standpoint.

    -
    Open source clients
    -

    Mullvad provides the source code to their clients on GitHub.

    +
    Open Source Clients
    +

    Mullvad provides the source code for their desktop and mobile clients in their GitHub organization.

    IPv6 Support

    Mullvad supports the future of networking IPv6. Their network allows users to access services hosted on IPv6 as opposed to other providers who block IPv6 connections.

    -
    Remote port forwarding
    +
    Remote Port Forwarding

    Remote port forwarding is allowed on Mullvad, see Port forwarding with Mullvad VPN.

    Accepts Bitcoin

    Mullvad in addition to accepting credit/debit cards and PayPal, accepts Bitcoin, Bitcoin Cash, and cash/local currency as anonymous forms of payment. They also accept Swish and bank wire transfers.

    @@ -49,16 +49,18 @@

    ProtonVPN Free USD $96/year

    ProtonVPN is a strong contender in the VPN space, and they have been in operation since 2016. ProtonVPN is based in Switzerland and offers a limited free pricing tier, as well as premium options. Visit protonvpn.com to create an account.

    -
    Independently Audited
    -

    As of January 2020 ProtonVPN has undergone an independent audit by SEC Consult. See individual reports for each platform. -

    Open source clients
    -

    ProtonVPN provides the source code to their clients on GitHub.

    610+ Servers

    ProtonVPN has 610 servers in 44 countries at the time of writing this page. Typically the more servers a provider offers, the better: With hundreds of servers in operation, you are far more likely to find a fast connection and a server geographically closest to you.

    +
    Independently Audited
    +

    As of January 2020 ProtonVPN has undergone an independent audit by SEC Consult. SEC Consult found some medium and low risk vulnerabilities in ProtonVPN's Windows, Android, and iOS applications, all of which were "properly fixed" by ProtonVPN before the reports were published. None of the issues identified would have provided an attacker remote access to a user's device or traffic. You can view individual reports for each platform at protonvpn.com. +

    Open Source Clients
    +

    ProtonVPN provides the source code for their desktop and mobile clients in their GitHub organization.

    Accepts Bitcoin

    ProtonVPN does technically accept Bitcoin payments; however, you either need to have an existing account, or contact their support team in advance to register with Bitcoin.

    Mobile Clients

    In addition to providing standard OpenVPN configuration files, ProtonVPN has mobile clients for iOS or Android allowing for easy connections to their servers.

    +
    No Port Forwarding
    +

    ProtonVPN does not currently support remote port forwarding, which may impact some applications. Especially Peer-to-Peer applications like Torrent clients.

    Extra Functionality

    The ProtonVPN clients have a built-in killswitch to block internet connections outside of the VPN. They also are able to automatically start on boot. ProtonVPN also offers "Tor" servers allowing you to easily connect to onion sites, but we still strongly recommend using the official Tor Browser for this purpose.